Role Based Forms Authentication in ASP.NET 2.0
page 6 of 16
by Satheesh Babu
Feedback
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days): 80732/ 215

Configuring Forms Authentication

As we all know, this is done in Web.config by changing the value of <authentication> tag.

Listing 1

<authentication mode="Forms">
  <forms loginUrl="Login.aspx" 
  name=".ASPXAUTH"     
  protection="All">
  </forms>
</authentication>

The default timeout for forms authentication is 30 minutes. It indicates that 30 minutes of inactivity on the application will cause timeout expiration and the user will be prompted to the login page. Any hit to the site after login will reset this clock to 30 minutes again starting from that time. If we want to override this setting then we can include this in the above <forms> tag. See MSDN for a full list of attributes that can be specified in this tag.

After configuring forms authentication we need to configure the authorization part of the Web.Config.

Listing 2

<authorization>
  <allow users="*"/> 
</authorization>

The above setting says it will allow all the users because the posted content should be viewed by anyone as I said in the Scenario section. The next section will explain the configuration settings to restrict users accessing the pages in Admin and Publisher folders.


View Entire Article

User Comments

Title: it works at once   
Name: snopbear
Date: 2008-08-26 9:32:07 AM
Comment:
When I log in with test1 or any of them, I get redirected to a HTTP Error 404 - Not Found page. Any ideas?
Title: Question   
Name: Jeff
Date: 2008-06-26 9:53:38 AM
Comment:
When you log into the site with a user, go to their homepage, then click logout, hit the BACK button enough, it will get you into the home page without credentials.

Once you hit refresh it kicks you out and you have to login again.

This happens in IE6. It seems to work in Firefox right.
Title: Something is wrong   
Name: Mike
Date: 2008-06-25 10:16:43 AM
Comment:
When I log in with test1 or any of them, I get redirected to a HTTP Error 404 - Not Found page. Any ideas?
Title: permissions and roles   
Name: tariq
Date: 2008-05-12 5:39:03 AM
Comment:
Hi,

I need to grant users with permissions depending on their roles. I have heard about Visual Guard .Net http://www.visual-guard.com/EN. before I start testing, do you have any feedback about this tool?

thank you
Title: Thnx   
Name: Dhaval Patel
Date: 2008-05-02 11:04:11 AM
Comment:
thanks buddy... it helped understanding it better.






Community Advice: ASP | SQL | XML | Regular Expressions | Windows


©Copyright 1998-2019 ASPAlliance.com  |  Page Processed at 2019-03-22 8:43:44 PM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search